funsec mailing list archives

Cryptome: Server Comms Reporting for Research Effort gov.pk

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Thu, 6 Dec 2007 00:00:01 +0200 (EET)

It is not know if this information was collected with scripts or manually via Netcraft-type databases.

Example data:
--clip--
www.academy.gov.pk      67.18.34.220
        SERVER IP: 67.18.34.220
PORT/PROTOCOL: 80/tcp
TYPE: NOTE
- A web server is running on this port : Server: Microsoft-IIS/6.0
- The remote host is running a Microsoft IIS webserver

SERVER IP: 67.18.34.220
PORT/PROTOCOL: 80/tcp
TYPE: REPORT
Synopsis : The remote host is vulnerable to multiple attack vectors The remote host is running PHP less than 5.2.0. 
This version is vulnerable to around 180 bugs. An attacker, exploiting these flaws, would be able to impact 
Confidentiality, Integrity, and Availability. CVSS Base Score : 7.5 CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P Solution : Upgrade 
to PHP 4.4.5, 5.2.1 or newer See also : http://www.php.net/ChangeLog-5.php#5.2.1
CVE :....
--clip--

Link:
http://cryptome.org/gov-pk.htm

- Juha-Matti
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Cryptome: Server Comms Reporting for Research Effort gov.pk Juha-Matti Laurio (Dec 05)
- Re: Cryptome: Server Comms Reporting for Research Effort gov.pk Dude VanWinkle (Dec 05)
  - Re: Cryptome: Server Comms Reporting for Research Effort gov.pk George A. Theall (Dec 06)
    - Re: Cryptome: Server Comms Reporting for Research Effort gov.pk Eduardo Tongson (Dec 06)